7.5

CVE-2005-1920

The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
KdeKde Version >= 3.2 <= 3.4.0
DebianDebian Linux Version3.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.67% 0.882
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-281 Improper Preservation of Permissions

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

http://www.novell.com/linux/security/advisories/2005_18_sr.html
Broken Link
http://www.securityfocus.com/archive/1/427976/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://marc.info/?l=bugtraq&m=112171434023679&w=2
Mailing List
http://secunia.com/advisories/16099
Broken Link
http://secunia.com/advisories/23099
Broken Link
http://security.gentoo.org/glsa/glsa-200611-21.xml
Third Party Advisory
http://securitytracker.com/id?1014512
Third Party Advisory
Broken Link
VDB Entry
http://www.debian.org/security/2005/dsa-804
Third Party Advisory
http://www.kde.org/info/security/advisory-20050718-1.txt
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-612.html
Broken Link
http://www.securityfocus.com/bid/14297
Third Party Advisory
Broken Link
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434
Broken Link